back to article A month to go on Cookie Law: Will Google Analytics get a free pass?

Website operators in Blighty have been continuously perplexed by the upcoming enforcement of the EU's cookie law on 26 May. The Information Commissioner's Office granted affected firms a year-long breather to get themselves up to scratch back in 2011, but the clock is now ticking and the law – however watered down it might …

COMMENTS

This topic is closed for new posts.
  1. Tom Chiverton 1
    Meh

    So, still clear as very thick sticky black mud then ? Helpful.

  2. Anonymous Coward
    Anonymous Coward

    ICO could give no advice

    I contacted them last year to ask about Google Adsense as I was looking to set up a forum and wanted to put some ads in to generate reveneue to cover the hosting costs.

    The response I got was it maybe ok but it may not be but we just don't know yet.

    I abandoned the project because if the forum had taken off and I'd had to upgrade the hosting I could have been left with a large bill.

    idiots

  3. Anonymous Coward
    Anonymous Coward

    IP-address and cookie lifespan, innit

    Regarding tracking, the cookie is just a means to an end: an identifier of the user to be used to collate personal information about the user on a server; this is the actual breach of personal information.

    It's more important to restrict the collation by preventing the full ip-address from being collected at the same time. Google has bowed to the wishes of the German ICO and provided a workaround that anonymises the last octet of the ip-address, thus, making it a bit more difficult for Google to aggregate a single user's behaviour from different cookies spread across sites. And, of course, cookies should have lifespans that are as short as possible.

  4. Anonymous Coward
    Anonymous Coward

    Don't need no law

    Ghostery, Private browsing and do not track all switched on

    1. Tony Green

      Re: Don't need no law

      That's because you, like me, know what a cookie is and how to block one. Not the sort of thing that helps the average user who doesn't even know what a web browser is and just thinks the IE icon is "the Internet".

      1. wowfood

        Re: Don't need no law

        You mean its not?

      2. Anonymous Coward
        Anonymous Coward

        Re: Don't need no law

        That's because, the desktop icon for IE9 is labeled "The Internet", which it isn't. I have IE9 on machines that have no Internet access. Does Windows relabel IE9 as "The Intranet"? No.

  5. Harry

    Google Analytics is NOT a first party

    "we are highly unlikely to prioritise first party cookies used only for analytical purposes in any consideration of regulatory action"

    So -- if you are Google -- then you can use Google Analytics. Perhaps -- because even then, Google analytics is a completely separate domain to google.com so technically its a third party even when visiting one of google's own pages.

    But -- if you are *not* Google -- then its definitely a third party, so not exempt from being "prioritised" so you'd better stop doing it if ICO ever gets round to working out what a third party cookie really is.

    1. Anonymous Coward
      Anonymous Coward

      Re: Google Analytics is NOT a first party

      If the cookie is set by JS code running on mydomain.co.uk, and the cookie domain is mydomain.co.uk, then it's not a third party cookie, it's first party.

      Sure, the code is third party i.e. Google's, and it's requesting an innocent little GIF from a different domain, but as far as the cookie is concerned it's all mine.

      I think ICO knows the difference between 1st and 3rd party - do you?

  6. Anonymous Coward
    Anonymous Coward

    ive removed google analytics from my 'regular' co.uk domains because they are registered to me at my UK address, but on my .com 'adult' blogs hosted on US servers and registered with privacy details that show the address of the US registrar as the domain contact i've kept it on until they can make up their mind if its allowed or not

  7. GettinSadda
    Unhappy

    Confused - Guess I must shutter my sites!

    I have six sites using various off-the-shelf (free) CMS systems such as Drupal, phpBB and WordPress. I have no idea how the law applies to these - especially as some of them show Google or Amazon ads.

    Unless I can figure out what I have to do to comply with the new law I can only assume that on 25th May I must replace all of these sites with a static page showing "Site closed down due to EU Cookie law"

    1. Gannon (J.) Dick
      FAIL

      Re: Confused - Guess I must shutter my sites!

      Ladies and Gentlemen, we have a BINGO. Please turn in all your cards and join us next week for another game.

    2. Anonymous Coward
      Anonymous Coward

      Re: Confused - Guess I must shutter my sites!

      The irony is most of your users will likely think "why's a website closed down becouse of a law on tasty snacks?"

    3. Mage Silver badge

      Re: Confused - Guess I must shutter my sites!

      Nonsense.

    4. Anonymous Coward
      Anonymous Coward

      Re: Confused - Guess I must shutter my sites!

      "Unless I can figure out what I have to do to comply with the new law I can only assume that on 25th May I must replace all of these sites with a static page showing "Site closed down due to EU Cookie law""

      Or do what me and millions of other people are going to do. Nothing. Just like the ICO. They love doing nothing. I'm going to be doing so little about this stupid law I suspect they will offer me a job.

  8. James 100
    FAIL

    Moral of tale: if you want to do business online, don't do it within the EU? Do these clowns actually believe their half-witted tampering is somehow beneficial to anybody, or are they genuinely trying to sabotage the Internet now?

    If you don't want cookies, turn them off - the idea of getting the jackbooted luddites in is wrong on so many levels, I despair.

  9. Anonymous Coward
    Anonymous Coward

    The only 'law' that will work is where the user can enforce solid security controls over what info can be released. Those controls should be ON by default and turned off if the user chooses to share info.

    Then (with apologies to Stallone's Judge Dredd), "I AM THE LAW..."

  10. Eguro

    TITLE!

    Rosy glasses would say that we shouldn't need these kinds of laws, because every browser should have a prompt along the lines of "www.bangersnmash.com would very much like to place cookies on your computer. These would be used for X - will you allow this?

    -Yes, this time.

    -Yes, always for www.bangersnmash.com.

    -No, not at this time.

    -No, never for www.bangersnmash.com"

    Buuut since people aren't always in it for the good of other people, we actually sometimes need laws, that aren't necessary to protect everyone, but are necessary to protect many (or even just few).

  11. Gwaptiva
    Windows

    I'm just a simple coder

    so I don't quite get why "something which tracks how many users visit a page" needs to be a cookie at all.

    Shurely, you count visits on the server hosting the page, rather than having the server put a cookie on the client that can then be queried by the server to say "hah, look, visitors += 1"...

    (Windows user, because I'm obviously not smart enough)

    1. GettinSadda
      Boffin

      Re: I'm just a simple coder

      Simple - If I make a site and my mum checks it out 200 times I don't want to think I have 200 visitors. And I can't just use the IP address because my mum is on an ISP with dynamic IPs and gets a new one at least once a day.

  12. Anonymous Coward
    Anonymous Coward

    The whole point of this law was to stop ad tracking cookies

    Now that the ICO has caved into Google et al, just what is the point?

  13. Anonymous Coward
    Anonymous Coward

    e-Privacy Defective will not defeat the evil Google!

    Google ANALytics' perpetually retentive tracking cookies give the words "insidious" and "sinister" a whole new meaning.

    Google has you tightly by the balls and will never let go!

    1. Anonymous Coward
      Anonymous Coward

      Re: e-Privacy Defective will not defeat the evil Google!

      That's what I don't understand. The intention, when the EU framed this law, was surely to target tracking activity by Google et al. The UK, when interpreting the law seems to say that they'll give Google a free pass for some reason (too big to sue?). So who will be the targets for action in the UK? I would really love to know. Will it be the usual 'hit the plebs and let the nobs go free'?

      Mind you, with the ICO's pitiful record of enforcement, I don't think anyone need quake in their boots just yet.

      Problem is, on May 26, law abiding websites are going to be plastered with warning messages, and their less savvy users will think the sky is falling in. What's the betting that Google, Amazon, etc do precisely sod all?

  14. Vostor
    WTF?

    EU trying to destroy buisnesses??

    I have worked in the IT industry for a few years and these idiots every time some thing happens they have to throw there little "changes" into the mix.. I bet one of them was asked or was told by a antivirus (you know the message "do you want to remove cookies" they could be harmful..) and cookies would kill your computer so they did a bit of reading and watched a bit sesame street and now they have to make a law to make there jobs worth! how much has this COST for these clowns to put together a bill really this is not protecting the public this is going to affect there internet experience to a large degree

    really they did this to microsoft a few years ago with the "they must give you an option of browsers" Apple didn't have too, not gona say anything about ubuntu and the loads of other free based products no just microsoft. Dont get me wrong i dont use windows not done for a few years but still why did the EU get involved? hell you dont see them telling the french off for being well french!! or the german's off for making another great car?

    1. Anonymous Coward
      Anonymous Coward

      Re: EU trying to destroy buisnesses??

      Short memory.

      Apple didn't have to, because at that time the Mac OS came complete with a copy of Microsoft Internet Explorer. Do you think the arrival of Safari was due to a threat of EU punishment for collusion with Microsoft? (Clue - it wasn't)

      The Microsoft anti-trust case was because they so strenuously resisted allowing users not just to choose another browser, but to uninstall Explorer.

  15. LawLessLessLaw
    Boffin

    I can't wait.

    I've had some success via the Advertising Standards Authority http://www.proweb.co.uk/~matt/asa_pcworld_haha.gif

    And via The Telephone Preference Service "can you hand me to your supervisor now, you've committed a criminal offence by phoning me"

    I'm really looking forward to this cookie law being enforced, I'm going to be such a dick!

  16. Andy Livingstone

    No doubt will be censored.

    What about DoubleClick and Facebook from "The Register"?

    What about SOs? Are they classed as cookies. The insidious little sods are everywhere now.

    1. Anonymous Coward
      Anonymous Coward

      Re: No doubt will be censored.

      Actually the law doesn't talk about cookies - it's all about storing data on the user's device. So, according to the law, the Reg should have asked permission before dumping this HTML page in your browser's cache.

      That's just how usefl and informed this law is.

  17. Nebulo
    Boffin

    Brute force?

    I note that you can get a blocklist for known Microsoft addresses. Can you get one for Google addresses? It would be interesting, maybe a bit scary, to see how much of the internet would get broken by booting Google out of the picture altogether.

    1. Anonymous Coward
      Flame

      Re: Brute force?

      A well configured firewall eats cookies before they even hit the cache. Furthermore, we must, as a community concerned for our internet freedom and privacy to aggressively confront the Googles of the world. 'Don't be evil' my arse. That stinking cancer called Google wants to own the internet and all of us too. I say burn em down.

      1. Anonymous Coward
        Anonymous Coward

        Re: Brute force?

        yeah I really care about google when the government intends on putting DPI and real time monitoring into every isp in the land so any tom dick or harry can view your traffic without a warrant.

        Oh no the big scary cookies...

  18. Mr Young
    Pint

    Ancient phone laws?

    Here was me thinking that the interception of communications was illegal - has the internet changed all that then? I think not somehow!

  19. Anonymous Coward
    Anonymous Coward

    So, my website that runs Adsense and uses Analytics will be breaking the law? Is that right?

    1. This post has been deleted by its author

  20. Anonymous Coward
    Anonymous Coward

    Stupid idea

    Isn't it going to be a a right PITA if every (European) website you visit has to ask you whether you want their cookies or not before you can use it? Of course they could make it more convenient by sending you a cookie that tells them that you don't want their cookies the next time you visit... but that wouldn't be allowed, would it? ;-)

  21. MRC1980

    I did this last year

    When they bought in the law I tried out a couple of different solutions, even writing to the ICO to find out exactly how they had implemented it on their site.

    I put a script into my headers to bring up a "do you want to let us use cookies?" banner and a link to information explaining what we used, why we used it and also to allaboutcookies.org

    It lasted about a week.

    Our analytics package became functionally useless, and even the amount of bandwidth used dropped significantly. Our sales took a massive hit as the public did not like or trust any kind of popup.

    I <!--'d the script out and its still sitting there till the last possible minute to bring back. Do not track in browsers is a better idea but as a marketer I would prefer "opt out" so I can gauge how successful a campaign is without having to go back to the bad old days of using AW stats and the like.

  22. Anonymous Coward
    Anonymous Coward

    in your dreams

    Explicit user consent as in some sort of tick box upon entry is not gonna happen. Best case is that it'd be put in the terms of use, that you're deemed AUTOMATICALLY accepted upon entering a website. Otherwise it will 'break the internet' and if actually enforced, they'd also ignite the wrath of most site owners and people who generally use the internet a lot.

    Think what's gonna happen if advertisers can no longer store cookies on your machine. Sure you feel a little less naked. But don't forget that's the bread and butter for the website you were just visiting. If you're willing to fork out £2.99 or more a month for EACH and every site that used to be kept up by advertising revenues then that's another story.

    But I don't think I know anybody who would.

    Of course, it's a different story if the websites you were visting were all funded and provide to you for free by one of the global telecoms / IT / tech company just because they don't want another Facebook / Google / Twitter internet giant to emerge.

    It's part of the plan you see for the rich to keep themselves rich and the poor to stay poor.

    Well whatever, after all's done and said. The law is an EU law. Not gonna stop people setting up shop on brighter shores, it just gives the EU an excuse to 'ruin' any site owners they don't like because technically they'd have violated this particular law and other ridiculous laws that are used to get rid of what THEY deem as 'troublemakers'.

    Pah. People in power. *spit*

  23. embraman
    Go

    It's all right...

    ...we'll just wait to see what the BBC website does. If they do nothing, we can all follow suit. If they *do* do something, waith a bit, then copy it, on the basis that users will recognise what it's all about and not freak out when they visit your site. Or something.

    1. Anonymous Coward
      Anonymous Coward

      Re: It's all right...

      That's the first common sensecomment I've read on this issue. Good call!

  24. Mr Plebby

    The Bad, the Ugly and the Deceitful

    Dear ICO,

    How are you doing with your stupid EU sponsored cookies law? All I see is a shambles. Below is the type of message that many web sites will use. There will be variants but a campaign will almost certainly be launched against you and I do hope it leads to your complete humiliation. I will certainly sign any petition which exposes you.

    Due to a stupid EU law reminiscent of the straight banana fiasco that we had many years back, followed by the illegality of selling carrots with nobly bits on, not forgetting the cucumbers which were not the right shade of Green, etc we hereby notify you that our site uses cookies to enhance your browsing experience so that you may save favorites, issue Google +1's, Facebook Likes, Twitter Tweets and Google Analytics. You can delete cookies on your device using the browser functionality that it provides should you wish to do so ( I guess that is way too difficult for most ICO employees and EU Commission parasites so we provide an extra link for you - further details). You can even set your browser to reject cookies (ICO employees please pay attention to the options in your browser preferences - see this link here) but then your browsing experience will be adversely effected. In plain English the site you are now on will not work. Our complete privacy policy is set out within our legal terms and conditions. To continue you must press O.K and by doing so you agree to cookies being used and stored on your device. If you don't agree then please petition your government to have these parasitic idiots in the EU commission fired before they further damage the internet. Alternatively press the ICO button (link) to register your complaint.

    Quite frankly, the sooner those idiots in ICO the EU commission are disbanded the better. Zero for technical knowledge, zero for even having any concrete advice on how to comply with their laws. Hardly any government web sites even comply.

    Simply who will sponsor prosecutions of government agencies particularly those in Brussels that do not comply or they will be exempted as they are so often from simple things like paying local taxes to generous VAT exemptions. It all makes the blood boil.

    Why don't they all go and do something useful like track down internet criminals and those practicing deceit and deception on the internet like politicians and bureaucrats. The fact that both these groups receive money from the tax payer, shouldn't their lies be considered as deception for financial gain? i thought that was a criminal offence.

    It is a pathetic law which has no thought behind it, let alone a pragmatic solution for the customer - do we really want to be interrupted with a message every time we try to view a page. Probably 50% of all web sites owners with blogs, etc will not even know what cookies are. Next they will be asking that people have to take a test and hold a license to surf the internet as it could be bad for their health. It makes me want to just leave Europe. The future is so bleak for our children here. I just feel so powerless with little democracy or indeed any willingness by government to consult the people on almost any aspect of life..

    And to top it all it is simply laughable that the ICO web site uses social bookmarks. What a bunch of **** If I were Google or FB, I would remove them from the SERPS so they can't be found. nobody will ever know who or where to complain. They will be what they really are - an irrelevance.

    Regards

  25. Anonymous Coward
    Anonymous Coward

    So what

    Screw the cookie law. The ICO is happy for corporations to give away the details of members of the public with no punishment or to run illegal wire-tapping activities (i.e. BT).

    When they grow a pair I might be scared of them. Until then they are joke and can suck on my fat cookies. And my adsense. And my Google Analytics.

  26. Matt Hawkins
    FAIL

    Insane

    So I've got to ask people if my sites can use cookies ... but I'm not allowed to remember the answer because that would be bad. So every page they visit I have to shove a message in their face?

    Have the idiots that have come up with this junk even thought about it?

    Luckily the ICO is a lame duck. They've set the bar pretty high for law breaking so I don't think anyone need worry too much. When they actually fine companies for putting people's bank details into the public domain (Sony, BT etc) then I might think about it. Until then I'll be having cookies with my tea every day.

    If you don't want cookies, turn them off. If you don't like Google don't use their services. If you don't like Ads use an adblocker. If you don't like the Internet then go back to Ceefax ... oh hang on ...

This topic is closed for new posts.

Other stories you might like